The Data Protection Principles
The data protection rules contain the following principles that you, as a data controller, must always comply with:
- Lawfulness, fairness and transparency: Processing must comply with the data protection rules and be transparent
- Purpose of limitation: In the case of collection, it must be clear for which purpose the data are to be used. Subsequent treatment must not be incompatible with these objectives
- Data minimization: Processing, including the storage of data, shall be limited to what is necessary to achieve the purpose
- Accuracy: Information shall be updated and incorrect data shall be deleted or rectified
- Storage limitation: Where data no longer need to be processed, it shall be anonymized or deleted
- Integrity and confidentiality: Information shall not be disclosed to unauthorized persons, get lost or damaged